Domain-Based Access Control for Collaborative E- Commerce System

The collaborative e-commerce systems are widely used between the enterprise and enterprise to strengthen cooperating ability of enterprises in dynamic business environment. Since the collaborative e-commerce systems are often shared by different enterprises, powerful access control is needed to allow different access rights to different records of the same table. Traditional access control models that define a permission as the right of a user/role to perform a specific operation on a specific object cannot handle the enormous amount of objects and user/roles. In this paper we propose an enhancement to role-based access control by introducing the domains that flexibly partition access control scope and exceed the limit of the organization frame. And, the domains fix the restrictions that can be added to the traditional concept of permissions in order to keep the number of permissions small. Furthermore, we present an implementation of our access control model at the application programming level. Although access control is performed for every single database access, our solution separates access control from the application logic by using component-based programming. With this, access control can be integrated into a four-tier information system without compiling the application programs.